FOREWORD

This Indian Standard was adopted by the Bureau of Indian Standards, after the draft finalized by the Reliability 
of Electronic and Electrical Components and Equipment Sectional Committee had been approved by the Electronic 
and Telecommunication Division Council. 

Dependability analysis techniques are used for the review and prediction of the reliability, availability, 
maintainability and safety measures of a system. Dependability analyses are conducted mainly during the concept 
and definition phase, the design and development phase and the operation and maintenance phase at various 
system levels and degrees of detail in order to evaluate and determine the dependability measures of a system or
an installation. They are also used to compare the results of the analysis with specified requirements. 

While preparing this standard, assistance has been derived from IEC 60300-3-1 (1991) 'Dependability
management - Part 3: Application guide - Section 1: Analysis techniques for dependability: Guide on 
methodology', published by International Electrotechnical Commission. 

The technical Committee responsible for preparation of this standard has reviewed the provisions of the following
IEC publication and decided that it may be used in conjunction with this standard till Indian Standard on this 
subject is published: 

IEC 1025(1990) Fault tree analysis (FTA) 

The composition of the Committee responsible for formulation of this standard is given in Annex B. 

In reporting the results of a test or analysis made in accordance with this standard, if the final value, observed 
or calculated, is to be rounded off, it shall be done in accordance with IS 2 : 1960 'Rules for rounding off 
numerical values (revised)'. 
1 SCOPE

This standard gives a general overview of commonly 
used dependability analysis procedures. It describes 
the usual methodologies, the advantages and 
disadvantages, data input and other requirements for 
the various techniques. 

This guide is an introduction to the available 
methodology and is intended to provide the analyst 
with the necessary information in order to choose the 
analysis method most appropriate to the system. 

2 REFERENCES 

The Indian Standards listed in Annex A are necessary 
adjuncts to this standard. 

3 DEFINITIONS 

For the purpose of this standard, the terms and
definitions given in IS 1885 (Part 39) shall apply in
addition to the following.

3.1 System 

Item on the highest level considered in the analysis. 

3.2 Component 

Item on the lowest level considered in the analysis. 

3.3 Allocation 

A procedure applied during the design of an item 
intended to apportion the requirements for 
performance measures for an item to its sub items 
according to given criteria. 

NOTE — 'System' may be replaced by 'sub-system', etc, as 
applicable. 

4 GENERAL 

The analysis methods allow the evaluation of 
qualitative characteristics and estimation of measures 
(for example, failure rate, MTTF, MTBF, reliability, 
steady state availability) which describe the predicted
long-term operating behaviour of a system. In order 
to perform a systematic and reproducible system 
analysis, use of a consistent procedure is essential. 

However, no single dependability analysis method is 
sufficiently comprehensive and flexible to deal with
all the possible model complexities required to evaluate
the features of practical systems (hardware and 
software, complex functional structures, etc). It may 
be necessary to consider several additional analysis 
methods to ensure proper treatment of complex or 
multi-functional systems. 

5 BASIC APPROACH TO SYSTEM 
DEPENDABILITY ANALYSIS 

Specific procedures for analysis are contained in the 
standards describing each analysis method. General 
procedures, approaches and requirements are 
described hereinafter. 

5.1 General Procedure 

The procedure consists of the following steps (as 
applicable): 

Step 1 

List all system reliability and availability requirements, 
characteristics and features, together with environmental
and operating conditions, and maintenance
requirements. Define the system to be analyzed, its
modes of operation, the functional relationships to
higher levels and to interfacing systems or processes.

Step 2 

Define system fault, fault criteria and conditions based 
on system functional requirements, expected operation 
and operating environment. Software performance 
should also be considered. 

Step 3 

When numerical results are required, it is 
recommended to carry out an allocation based on a 
preliminary design (assignment of a portion of the 
total permitted system failure rate or unavailability to 
each sub-system). 

Step 4 

Analysis of the system as follows:

4.1 Qualitative analysis (deductive/inductive 
methodology) 

Analyze the functional system structure, 
determine system/component fault modes, 
failure mechanisms, effects and consequences 
of failures, consider item maintainability,
construct reliability and/or availability
models, determine possible maintenance and
repair strategies, etc.

4.2 Quantitative analysis (analytical or event
simulation methods)

Obtain or identify item reliability data (for
example, failure rates), construct mathematical
reliability and/or availability model,
perform numerical evaluations of mathematical
model, perform component criticality
and sensitivity analyses, evaluate improvement
of system performance due to
redundant substructures and maintenance
strategies, etc.

Step 5

Evaluation of results, comparison with requirements 
and/or alternative designs. Additional activities may 
include: 

5.1 Reviewing system design, determining 
weaknesses, unbalances, critical/high risk 
fault modes and items, considering system 
interface problems, fail-safe features and 
mechanisms, etc. 

5.2 Developing alternative ways for improving 
dependability (for example redundancy 
allocation, performance monitoring, fault 
detection, system reconfiguration procedures, 
maintainability, component replaceability, 
and repair procedures). 

5.3 Performing trade-off studies and evaluating 
the cost of alternative designs. 

The relationships between the general analysis procedure
and the specific methods and procedures are given
in Table 1 (note that Table 1 is not exhaustive). The
methods are explained further in 5.2 to 5.5.

5.2 Analysis of Functional Structure 

In order to analyze the long-term operating behaviour 
of a system with confidence, the precise way a system 
is required to function, as well as its operational and 
environmental conditions should be determined and 
described in detail. A separate analysis of the 
functional system structure may be necessary to 
identify any departure from the required function.

The system function may be represented by functional 
block diagrams, signal flow diagrams, state-transition 
diagrams, event sequences, tables, etc. 

Finally, the qualitative failure or success analysis may 
be conducted in accordance with either of the following 
two formal methods: 

a) deductive methodology (top-down), for 
example fault tree analysis; and

b) inductive methodology (bottom-up), for
example fault mode and effects analysis.

However, in practice, an iterative approach is more
usual with deductive and inductive analysis 
complementing one another. 

5.3 Deductive Analysis 

The essence of the deductive approach is to proceed 
from the highest level of interest, that is, the system 
or sub-system level, to successively lower levels in 
order to identify undesirable system operation. 

The analysis is performed at the next lower system 
level to identify any fault and its associated fault mode
which could result in the fault effect as originally 
identified. For each of these second level faults, the 
analysis is repeated by tracing back along the 
functional paths and relationships to the next lower 
level using logical gates. This process is continued as 
far as the lowest level desired. 

The deductive method is an event-oriented method 
which is useful during the early conceptual phase of 
system design when the details of the system are not 
yet fully defined. It is also used for evaluating multiple 
failures including sequentially related failures, the 
existence of faults due to a common-cause, or wherever 
system complexity makes it more convenient to begin 
by listing system faults or system success. 

In all cases the undesirable single event or system 
success at the highest level of interest (the top event), 
should be given. The contributory causes of that event 
at all levels are then identified and analyzed. 

5.4 Inductive Analysis 

The essence of the inductive method is to identify fault 
modes at the component level. For each fault mode 
the corresponding effect on performance is deduced 
for the next higher system level. The resulting fault 
effect becomes the fault mode at the next higher system 
level, and the fault effects of each fault mode are 
analyzed at this level. Successive iterations result in 
the eventual identification of the fault effects at all 
functional levels up to the system level. This 'bottom-up'
method is rigorous in identifying all single fault
modes. Because component fault modes must be
identified, this method is normally used during the
later stages of design where equipment has become
mature.

5.5 Maintenance and Repair Analysis and 
Considerations 

The long-term operating behaviour of a repairable 
system is greatly influenced by the system 
maintainability as well as the repair or maintenance 
strategies employed. An availability performance 
measure is the appropriate measure for evaluating the
influence of maintenance and repair on system 
dependability. 

Repair of a system during operation without 
interruption of its function is normally possible only 
for a redundant system structure with accessible
redundant components. If so, then repair or
replacement increases system reliability performance
and availability performance.

It is usually necessary to perform a separate analysis 
to evaluate repair and maintenance aspects of a system 
(see IS 9692 series). 



Table 1 Correspondence of Methods to General Analysis Procedure

(Clause 5.1)

Steps of general procedure (No., Activity) against analysis methods (FMEA/FMECA, FTA, RBD, MA, PC).

| No. | Activity | FMEA/FMECA (Fault mode and effects/criticality analysis) | FTA (Fault tree analysis) | RBD (Reliability block diagram) | MA (Markov analysis) | PC (Parts count reliability) |
|---|---|---|---|---|---|---|
| 1 | Requirements and system definitions | Component specification and operation | Functional system structure | System and sub-system operation | Component function, functional system structure | Component specification and failure data |
| 2 | Definition of system fault | Failure of first order functional level | Undesired (top) event | Criteria of system success (failure) | Criteria of system success and failure | Failure of first order functional level |
| 3 | Reliability apportionment | If applicable to components | If applicable to sub-systems | If applicable to sub-systems | If applicable to sub-systems | If applicable to components |
| 4.1 | Qualitative analysis, maintenance strategy | Inductive (table) | Deductive (fault tree) | Deductive (block diagram) | Inductive/deductive (state transition diagram) | Assume series system structure, list and evaluate components |
| 4.2 | Quantitative analysis (numerical evaluation) | Fault criticality/probability analysis | Calculation of system reliability and availability measures | Calculation of system reliability and availability measures | Calculation of system reliability and availability measures | Calculation of components and system failure rates |
| 5 | Requirements met (terminate procedure) | Criticality of failures and failure probabilities within limits | Probability of undesired event within requirement | Reliability/availability requirement met? | Reliability/availability requirements met? | Does estimated system failure rate meet requirements? |
| 5.1 | Review design, determine weaknesses | Component failure modes, failure rates, etc | Sub-system/component failure modes, failure rates, system structure, etc | Sub-system reliability/availability, sub-system/component failure rates, system structure, etc | Component/sub-system/system reliability and availability, maintenance and repair policy, system structure | Determine highest component failure rates |
| 5.2 | Develop alternative designs | Component selection and maintenance, etc | System structure, redundancy allocation, fault detection, maintenance, etc | System structure, redundancy allocation, component selection, maintenance, etc | System structure, redundancy allocation, component selection, repair policy, system reconfiguration, etc | Re-evaluate choice of weakest components |
| 5.3 | Perform trade-off studies and cost evaluation | Determine most economical solution | Determine most economical solution | Determine most economical solution | Determine most economical solution | Estimate cost |

6 CHARACTERISTICS OF VARIOUS
DEPENDABILITY ANALYSIS METHODS 

6.1 Selecting the Appropriate Analysis Method 

In order to enable a system dependability evaluation 
to be economically performed, an analysis method 
should be chosen which: 

a) models and evaluates a wide range of 
dependability problems; 

b) allows a straightforward, systematic, 
qualitative and quantitative analysis to be 
performed by trained design and 
dependability engineers; and 

c) predicts measures of the dependability
characteristics numerically, if data are available.

A dependability analysis method should be selected 
which will give the desired results and encompass all 
relevant attributes. 

Table 2 gives an overview of various dependability 
analysis methods and their characteristics and features. 
More than one method may be required to provide a 
complete analysis of the system. 

6.2 Short Descriptions of Analysis Methods 

6.2.1 Failure Mode and Effects Analysis 

Failure mode and effect analysis (FMEA) is an 
inductive (bottom-up), qualitative dependability 
analysis method, which is particularly suited to the 
study of material, component and equipment faults 
and their effects and mechanisms on the next higher 
functional system level. Iterations of the step 
(identification of single fault modes and the evaluation 
of their effects on the next higher system level) result 
in the eventual identification of all the system single 
fault modes. FMEA lends itself to the analysis of 
systems of different technologies (electrical, 
mechanical, hydraulic, software, etc) with simple 
functional structures. 

FMECA extends the FMEA to include criticality 
analysis by quantifying fault effects in terms of 
probability of occurrence and the severity of any 
effects. Estimates of the probability of failure are 
calculated directly from a reliability prediction using 
the data assessed by the FMEA (probability of 
occurrence of a fault mode, failure rates, etc). The 
severity of effects is assessed by reference to a specified 
scale. 

6.2.2 Fault Tree Analysis 

Fault tree analysis (FTA) is a deductive (top-down) 
method for analyzing system dependability. It is 
concerned with the identification and analysis of 
conditions and factors which cause, or contribute to,
the occurrence of a defined undesirable event and
which significantly affect system performance, safety, 
economy or other specified characteristics. 

Starting with the top event, the possible causes or fault 
modes on the next lowest functional system level are 
identified using logical gates. Following stepwise 
identification of undesirable system operation to 
successively lower system level will lead to the desired 
lowest system level. Causes at this level are usually 
the component fault modes. The results of the analysis 
are portrayed as a fault tree. 

The quantitative analysis is performed on the basis of 
the fault tree. In order to estimate system reliability 
and availability, methods such as Boolean reduction 
and cut set analysis are employed. The basic data 
required are component failure rates, repair rates, 
probability of occurrence of fault modes, etc. 
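
The Boolean reduction and cut set evaluation named in 6.2.2, shown as an added example that is not part of this standard. The fault tree, the event names and the probabilities are constructed for illustration, and the basic events are assumed to be statistically independent.

```python
from itertools import combinations

# Constructed fault tree (illustrative, not from the standard): top event is
# "loss of pumped cooling". A gate is (kind, [children]); a plain string is a
# basic event, that is, a component fault mode at the lowest level analyzed.
TREE = ("OR", [
    ("AND", ["pump_A_fails", "pump_B_fails"]),        # redundant pumps
    ("AND", ["pump_A_fails", "valve_B_stuck"]),       # pump B path blocked
    "power_supply_fails",                             # single fault
    ("AND", ["power_supply_fails", "sensor_drift"]),  # absorbed by the line above
])

# Constructed probabilities of occurrence of each fault mode (assumption).
P = {"pump_A_fails": 0.02, "pump_B_fails": 0.02, "valve_B_stuck": 0.005,
     "power_supply_fails": 0.001, "sensor_drift": 0.01}


def cut_sets(node):
    """Expand the tree top-down into cut sets (frozensets of basic events)."""
    if isinstance(node, str):
        return [frozenset([node])]
    gate, children = node
    child_sets = [cut_sets(child) for child in children]
    if gate == "OR":      # any one child's cut set is enough
        return [cs for sets in child_sets for cs in sets]
    if gate == "AND":     # one cut set from every child, merged together
        merged = [frozenset()]
        for sets in child_sets:
            merged = [a | b for a in merged for b in sets]
        return merged
    raise ValueError(f"unknown gate {gate!r}")


def minimal_cut_sets(node):
    """Boolean reduction: remove duplicates and supersets (absorption law)."""
    unique = set(cut_sets(node))
    minimal = [c for c in unique if not any(other < c for other in unique)]
    return sorted(minimal, key=lambda c: (len(c), sorted(c)))


def prob_all(events, p):
    """Probability that every event in the set occurs (independence assumed)."""
    result = 1.0
    for event in events:
        result *= p[event]
    return result


def top_event_probability(mcs, p):
    """Exact top event probability by inclusion-exclusion over the cut sets."""
    total = 0.0
    for k in range(1, len(mcs) + 1):
        sign = 1.0 if k % 2 else -1.0
        for combo in combinations(mcs, k):
            total += sign * prob_all(frozenset().union(*combo), p)
    return total


def rare_event_bound(mcs, p):
    """Upper bound: sum of the individual cut set probabilities."""
    return sum(prob_all(c, p) for c in mcs)


if __name__ == "__main__":
    mcs = minimal_cut_sets(TREE)
    for c in mcs:
        print(sorted(c), prob_all(c, P))
    print("exact:", top_event_probability(mcs, P))
    print("bound:", rare_event_bound(mcs, P))
```

The single-event cut set dominates the result, which is the kind of critical single fault the sensitivity analysis is meant to expose.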

6.2.3 Reliability Block Diagram Analysis 

Reliability block diagram (RBD) analysis is a 
deductive (top-down) system dependability analysis 
method. An RBD is the graphical representation of a 
system's logical structure in terms of sub-systems and/or
components. This allows the system success paths
to be represented by the way in which the blocks
(sub-systems/components) are logically connected.

Various qualitative analysis techniques may be 
employed to construct an RBD. The first step is to 
establish the definition of system success. The next 
step is to divide the system into functional blocks
appropriate to the purpose of the reliability analysis. 
Some blocks may represent system substructures, 
which in turn may be represented by other RBDs 
(system reduction). 

For the quantitative evaluation of an RBD, various 
methods are available. Depending on the type of 
structure (reducible or irreducible) simple Boolean 
techniques, truth tables and/or path and cut set analysis 
may be employed for the prediction of system reliability 
and availability values calculated from basic 
component data. 
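
The truth table and path/cut set evaluation of an irreducible structure, shown as an added example that is not part of this standard. The five-block bridge diagram and the block reliabilities are constructed for illustration, and the blocks are assumed to be independent two-state items.

```python
from itertools import product

# Constructed bridge RBD (illustrative, not from the standard). It cannot be
# reduced by series/parallel substitution alone because of block E:
#
#   in --A--+--B-- out
#           E
#   in --C--+--D-- out
#
BLOCKS = ["A", "B", "C", "D", "E"]
PATHS = [{"A", "B"}, {"C", "D"}, {"A", "E", "D"}, {"C", "E", "B"}]  # success paths


def system_up(up_blocks):
    """System success: at least one path has all of its blocks up."""
    return any(path <= up_blocks for path in PATHS)


def reliability_truth_table(r):
    """Add up the probability of every truth table row in which the system is up."""
    total = 0.0
    for row in product([True, False], repeat=len(BLOCKS)):
        up = {b for b, ok in zip(BLOCKS, row) if ok}
        if system_up(up):
            prob = 1.0
            for b, ok in zip(BLOCKS, row):
                prob *= r[b] if ok else 1.0 - r[b]
            total += prob
    return total


def series(*rs):
    """Reliability of blocks in series: all must work."""
    out = 1.0
    for x in rs:
        out *= x
    return out


def parallel(*rs):
    """Reliability of blocks in parallel: at least one must work."""
    out = 1.0
    for x in rs:
        out *= 1.0 - x
    return 1.0 - out


def reliability_decomposition(r):
    """Condition on block E; each case is then a reducible diagram."""
    e_up = series(parallel(r["A"], r["C"]), parallel(r["B"], r["D"]))
    e_down = parallel(series(r["A"], r["B"]), series(r["C"], r["D"]))
    return r["E"] * e_up + (1.0 - r["E"]) * e_down


def minimal_cut_sets_from_table():
    """Smallest sets of failed blocks that interrupt every success path."""
    down = []
    for row in product([True, False], repeat=len(BLOCKS)):
        up = {b for b, ok in zip(BLOCKS, row) if ok}
        if not system_up(up):
            down.append(frozenset(BLOCKS) - up)
    minimal = [c for c in down if not any(other < c for other in down)]
    return sorted(minimal, key=lambda c: (len(c), sorted(c)))


if __name__ == "__main__":
    r = {b: 0.9 for b in BLOCKS}  # constructed block reliabilities
    print("truth table:  ", reliability_truth_table(r))
    print("decomposition:", reliability_decomposition(r))
    print("cut sets:     ", [sorted(c) for c in minimal_cut_sets_from_table()])
```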

6.2.4 Markov Analysis 

Markov analysis is mainly an inductive (bottom-up) 
analysis method suitable for the evaluation of 
functionally complex system structures and complex 
repair and maintenance strategies. 

The method is based on the theory of Markov chains. 
In principle the probabilities of system elements 
(components, sub-systems) being in a particular 
(functional) state, or events to occur, at specific points 
or intervals of time are evaluated by mathematical 
models. 



Table 2 Characteristics of Analysis Methods

(Clause 6.1)

Header groups as printed: Characteristics; Ability of method to handle model characteristics as: (Redundant structures to Simulation of functional process); Attributes (Symbolic representation to Analysis effort (cost)).

| Analysis method | Number of components | Redundant structures | Irreducible structures | Failure/event combinations and dependencies | Time varying failure/event rates | Complex maintenance strategies | Simulation of functional process | Symbolic representation | Approach: deductive | Approach: inductive | Analysis: qualitative | Analysis: quantitative | Analysis effort (cost): qualitative | Analysis effort (cost): quantitative | Indian Standard |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| FMEA | Up to several thousands | (no) | no | (no) | yes | no | no | List | (nc) | c | c | nc | high | — | IS 11137 (Part 2) |
| FMECA | Up to several thousands | (no) | no | (no) | yes | no | no | List | nc | c | c | (c) | high | low | IS 11137 (Part 2) |
| Fault tree analysis | Up to several thousands | yes | (yes) 1) | (yes) | yes | no | no | Fault tree | c | nc | c | c | high | medium | IEC 1025 (1990) |
| Reliability block diagram | Up to several thousands | yes | (yes) 1) | (yes) | (yes) | no | no | Reliability block diagram | c | nc | (c) | c | medium | medium | IS 15037 |
| Markov | 2 to 100 5) | yes | yes | yes 6) | (no) 7) | yes | (yes) | System state diagram | (nc) | c | c | c | high | medium | — |
| Parts count | 1 to thousands | (no) | (yes) | no | (no) | — | — | List | nc | c | (nc) | c | low | low | — |
| Cause/consequence | Up to several hundreds | yes | yes | (yes) | (yes) | yes 2) | no | Cause/consequence chart | (c) | c | c | c | high | low/high 4) | — |
| Event simulation | Up to several hundreds 8) | yes | yes | yes | yes | yes | yes | Any | c | c | c | c | high | high | — |
| System reduction | Up to several thousands 9) | yes | no | (yes) | (yes) | (yes) | no | Reliability block diagram | nc | c | (nc) 10) | c 10) | medium | medium | |
| Event tree | 2 to 50 | yes | yes | (yes) | yes | no | yes | Event tree | c | c | (nc) | c | low | low | — |
| Truth table 3) | 2 to 50 5) | yes | yes | yes 6) | — | — | — | Table | nc | c | c | nc | high 5) | — | — |

NOTE — For abbreviations and remarks see 6.3.3.
Initially all the states of interest shall be defined
together with the probabilities of transition from one 
state to another (component failure or repair rates, 
event rates, etc). Transition rates (failure rates, event 
rates) are normally assumed to be constant, that is 
independent of time or previous history. 

The qualitative analysis requires the determination of 
all the possible system states, preferably shown 
diagrammatically in a state-transition diagram. A 
major supporting analysis technique is the truth table. 

The transition probabilities and the way in which the 
states are related, represented by the state-transition 
diagram, allow the construction of the desired 
transition matrix (mathematical model) for the purpose 
of system reliability/availability calculations. The 
evaluation of other measures of interest may also be 
accomplished. 
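
The construction of a transition matrix from a state-transition diagram and its evaluation for steady state availability, shown as an added example that is not part of this standard. The two-unit redundant system, the rates and the function names are constructed for illustration; transition rates are assumed constant, as stated above.

```python
def generator(lam, mu, crews):
    """Transition rate matrix for two identical units in active redundancy.

    State i is the number of failed units (0, 1 or 2); the system is down
    only in state 2. lam is the unit failure rate, mu the repair rate of one
    repair crew. With one crew the second failed unit waits in a repair queue
    (dependent repair); with two crews the units are repaired independently.
    """
    rates = {
        (0, 1): 2 * lam,             # either of the two working units fails
        (1, 2): lam,                 # the remaining working unit fails
        (1, 0): mu,                  # the single failed unit is repaired
        (2, 1): min(2, crews) * mu,  # limited by the number of repair crews
    }
    q = [[0.0] * 3 for _ in range(3)]
    for (i, j), rate in rates.items():
        q[i][j] = rate
        q[i][i] -= rate              # each row of the matrix sums to zero
    return q


def steady_state(q):
    """Solve pi * Q = 0 with sum(pi) = 1 by Gauss-Jordan elimination."""
    n = len(q)
    # Transpose so that each row is one balance equation, then replace the
    # last (redundant) equation with the normalization condition.
    a = [[q[j][i] for j in range(n)] for i in range(n)]
    b = [0.0] * n
    a[-1] = [1.0] * n
    b[-1] = 1.0
    for col in range(n):
        pivot = max(range(col, n), key=lambda row: abs(a[row][col]))
        a[col], a[pivot] = a[pivot], a[col]
        b[col], b[pivot] = b[pivot], b[col]
        for row in range(n):
            if row != col:
                factor = a[row][col] / a[col][col]
                a[row] = [x - factor * y for x, y in zip(a[row], a[col])]
                b[row] -= factor * b[col]
    return [b[i] / a[i][i] for i in range(n)]


def availability(lam, mu, crews):
    """Steady state availability: probability of being in an up state (0 or 1)."""
    pi = steady_state(generator(lam, mu, crews))
    return pi[0] + pi[1]


if __name__ == "__main__":
    lam, mu = 1e-3, 1e-1  # constructed rates per hour
    for crews in (1, 2):
        print(crews, "crew(s): unavailability =", 1.0 - availability(lam, mu, crews))
```

With these rates the single-crew unavailability is about twice the two-crew value, a difference that models assuming independent repair do not capture.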

6.2.5 Parts Count Reliability Prediction 

Parts count reliability prediction is basically an 
inductive (bottom-up) method applicable mostly 
during the proposal and early design phases, to 
estimate an approximate system failure rate. 

The components of the system need to be listed and 
the appropriate failure rates determined according to 
their stress levels. 

The method is based upon the assumption that the 
components are logically connected in series. This is 
often a worst case estimate. Where redundancies at 
the higher levels of assembly are known, their effects 
may be taken into account. 

A parts count reliability prediction of a system with a 
series type of structure will yield predictions at an 
acceptable precision level, provided a thorough 'Parts 
Stress Analysis' is carried out. Use of the parts stress 
analysis gives more realistic component failure rates. 

6.3 Explanations to Table 2 

6.3.1 General 

On the left hand side of Table 2, the analysis methods 
are listed. In order to facilitate evaluation and 
comparison, their characteristics, attributes, flexibility, 
etc, are stated. 

For each analysis method the matrix thus gives an 
indication as to which additional characteristics each 
method can handle as indicated by 'yes' and 'no' 
entries. Further, the analysis methods are distinguished 
by particular attributes or techniques. These are listed 
and rated on the right hand side of Table 2. 

Table 2 indicates that there is no single, comprehensive 
dependability analysis method. The analyst should 
choose the method which best fits the particular system 
or analysis objective. 



All these methods are capable of analyzing: 

a) series structures; 

b) reducible structures if redundant structures 
are applicable; 

c) independent components (two-state model); 

d) single faults; 

e) exponential distribution of times to failure; 

f) constant repair or event rates; and 

g) independent component repair. 

6.3.2 Table 2 Headings 

6.3.2.1 Number of components 

The number of components of the system which can 
be handled by a particular analysis method is basically 
limited by the number of combinations (system states) 
which arise from the possible component states or fault 
modes considered. The number of combinations is also 
heavily dependent on the specific system structure and 
maintenance considerations. 

6.3.2.2 Redundant structures 

The basic capability of handling redundant system
structures.

6.3.2.3 Irreducible structures 

A structure is called irreducible if straightforward
reduction techniques are not possible.

6.3.2.4 Failure/event combinations and dependencies 

The capability of the method to handle failure or event 
combinations. These include common cause or 
common mode failures, multiple failure effects and 
statistically dependent fault modes or sequential failure 
effects and mechanisms, or events caused by adverse 
environmental effects. 

6.3.2.5 Time varying failure/event rates 

Non-constant failure and event rates (or
non-exponential distribution of times to failure).

6.3.2.6 Complex maintenance strategies 

The capability of the method to handle statistically 
dependent repair and maintenance situations. These 
include cases where renewal processes (repair queues) 
should be considered, as compared to the assumption 
that, for each component failure, repair begins 
immediately after failure, independent of whether a 
component is accessible or not (independent repair). 

6.3.2.7 Simulation of functional process 

The capability of a method to simulate discrete events; 
that is, the failure and renewal processes are simulated 
and the particular system states evaluated according 
to the influence which they exert on any higher-level 
system or on the total environment (interrelation). 
Therefore, it is also necessary to simulate the
functional behaviour of the higher-level system along 
with processes within the total environment while 
analyzing the operating and failure processes of the 
system itself. 

6.3.2.8 Deductive/inductive approach

See 5.3 and 5.4.

6.3.2.9 Qualitative/quantitative analysis 

The capability of a method to handle qualitative
and/or quantitative analysis.

6.3.2.10 Qualitative/quantitative analysis effort (cost) 

The entries give relative estimates of the cost of 
applying a particular analysis method to a particular 
problem. The effective analysis effort is dependent on 
the system complexity, the depth of analysis, the skill 
of the analyst, the availability of basic system and 
component data, and the availability of suitable 
computing resources. 

6.3.3 Remarks with reference to Table 2 

c Capable.

nc Not capable, or not applicable.

() With restrictions/exceptions.

1) With cut sets or logical reduction. 

2) By event simulation, numerical integration 
or renewal theory. 

3) A basic, systematic method (combinatorics) 
to support qualitative system analysis, in 
particular for Markov and event simulation 
to determine the possible system states. Low 
for event rate, high for unavailability 
(diagrams with loops). 

4) Low for event rate, high for unavailability 
(diagrams with loops). 

5) Depends on system complexity (stochastic 
process to be simulated) and possible 
approximations (truncation of event 
sequences). 

6) Especially dependent events, for example, 
parallel structures with passive (standby) 
components. 

7) Special Erlang distribution (introduction of 
virtual - 'dummy' states) or semi-Markov 
process. 

8) System size and complexity which can be 
handled are mainly dependent on available 
computing means, efficiency of event (Monte 
Carlo) simulation procedure and required 
accuracy of measures to be estimated. 

9) Independent components at each reduction
level are assumed. Therefore, any
dependability analysis method may be
employed for the evaluation of the relevant
components.

10) Mainly calculation of system dependability
measures by the reduction (substitution) 
method of a given reliability block diagram. 

6.4 Advantages and Disadvantages of Methods 

A comparison of some of the commonly used methods 
follows. 

6.4.1 Failure Mode and Effects Analysis 

6.4.1.1 Advantages 

a) identifies systematically the cause and effect 
relationships; 

b) gives an initial indication of those fault modes 
which are likely to be critical, especially 
single faults which may propagate; 

c) searches for possible outcomes not previously 
or precisely known; 

d) identifies outcomes arising from specific 
causes or initiating events which are believed 
to be important; 

e) highlights spurious outcomes as well as 
deviations from normal functional 
performance; and 

f) useful in the preliminary analysis of new or 
untried systems or components. 

6.4.1.2 Disadvantages 

a) the output data may be large even for 
relatively simple systems; 

b) may become complicated and unmanageable
unless there is a fairly direct (or 'single-chain')
relationship between cause and effect,
that is, cannot conveniently deal with parallel
or complex relationships;

c) may not easily deal with time sequences, 
restoration processes, environmental 
conditions, maintenance aspects, etc; 

d) does not, in itself, directly produce a model 
for quantitative evaluation; and 

e) may not easily portray multiple dependencies
or complex interactions between faults
in different parts of the system.

6.4.2 Fault Tree Analysis 

6.4.2.1 Advantages 

a) identifies and records systematically the 
logical fault paths from a specific effect, back 
to the prime causes; 

b) deals with parallel, redundant or alternative 
fault paths; 
c) deals with most forms of combinatorial events
and some forms of dependencies as well; 

d) deals with systems which have several cross- 
linked sub-systems; 

e) provides for fairly easy manipulation of the
fault paths to give minimal logical models 
(for example by using Boolean algebra); 

f) capable of sensitivity analysis to indicate the 
items dominantly contributing to overall 
system reliability; 

g) capable of setting up models for the 
evaluation of overall system reliability and 
availability in probabilistic terms; and 

h) results in compact and concise diagrams for 
a total system. 

6.4.2.2 Disadvantages 

a) does not, in itself, provide for a specific fault 
analysis - that is the cause-effect(s) paths or 
the effect-cause(s) paths are not specifically 
highlighted; 

b) requires a probabilistic model of performance 
for each element in the diagram; 

c) will not show spurious or unintended outputs 
unless the analyst takes deliberate steps to 
this end; and 

d) is primarily directed towards success analysis
and does not deal effectively with complex
repair and maintenance strategies or
general availability analysis.

6.4.3 Reliability Block Diagram 

6.4.3.1 Advantages

a) often constructed almost directly from the
system functional diagram; this has the 
further advantages of reducing constructional 
errors and/or systematic depiction of 
functional paths relevant to system reliability; 

b) deals with most types of system configuration 
including parallel, redundant, standby and 
alternative functional paths; 

c) deals with most forms of combinational 
events and some forms of dependencies; 

d) capable of complete analysis of variations and 
trade-offs with regard to changes in system 
performance parameters; 

e) provides (in the two-state application) for
fairly easy manipulation of functional or
non-functional paths to give minimal logical
models (for example, by using Boolean
algebra);

f) capable of sensitivity analysis to indicate the
items dominantly contributing to overall
system reliability;



g) capable of setting up models for the 
evaluation of overall system reliability and 
availability in probabilistic terms; and 

h) results in compact and concise diagrams for 
a total system. 

6.4.3.2 Disadvantages 

a) does not, in itself, provide for a specific fault
analysis - that is the cause-effect(s) paths or 
the effect-cause(s) paths are not specifically 
highlighted; 

b) requires a probabilistic model of performance 
for each element in the diagram; 

c) will not show spurious or unintended outputs 
unless the analyst takes deliberate steps to 
this end; and 

d) is primarily directed towards success analysis
and does not deal effectively with complex
repair and maintenance strategies or
general availability analysis.

6.4.4 Markov Analysis 

6.4.4.1 Advantages 

a) provides a direct probabilistic model for 
system state behaviour based on the system 
logic; 

b) provides the probabilistic solutions for subsets
of other models such as logic diagrams
and fault trees;

c) deals readily with multi-state situations and 
outcomes, right down to the component level; 

d) represents event sequences with a specific 
pattern or order of occurrence; 

e) valuable in computing availability 
performance measures of the system; and 

f) deals with complex, dependent repair
situations.

6.4.4.2 Disadvantages 

a) may become very complex for models 
involving a large number of system states; 

b) may not help in the logical solution of a 
problem; 

c) depends normally upon the assumption that 
transition rates are constant; and 

d) can only represent combinatorial events
by creating a new state for each
combination.

6.4.5 Parts Count Reliability Prediction

6.4.5.1 Advantages

a) time and cost of analysis are very low; 

b) the necessary input information and data are
small and suited to the situation in the early
design and development phase;

c) basic information on component reliability
is gained in the early design and development
phase;

d) adapted to computerized calculations;

e) little training is necessary;

f) applied to parts of any complexity, provided
reliability data are available.



6.4.5.2 Disadvantages

a) the functional structure (for example lower
level redundancies) of a system cannot be
considered, and therefore only simple
structures lend themselves to parts count
analysis;

b) the precision level of the predictions is
normally low, especially for small sub-systems,
due to the wide spread in values of
most published data;

c) repair and maintenance cannot be considered;

d) the evaluation of fault modes and
mechanisms and their effects is not possible;
and

e) time-sequential failure and event behaviour
cannot be considered.